Are you a good news or a bad news first person? CMC’s cybersecurity awareness has a little bit of both for employees. While employees tested well for their awareness about creating a human firewall and email security, there were areas for improvement said Paul Mackay, CMC’s CIO.
“The cybersecurity assessment we completed earlier this year was a little harder than our usual testing, but it provides some valuable insight on how important our training is and the impact it has on employees,” Mackay said. “I was pleased to see how well the human firewall training was retained by our employees, who serve as the first line of defense against cyberattacks.”
On the flip side, CMC employees scored lowest on password strength and authentication questions.
“Passwords are always a really important step we all can take to enhance our professional and personal safety,” Mackay said.
He offered some suggestions for improving password security and knowledge:
- Don’t use the same password for multiple sites. If a password is discovered, it can be used to access a variety of websites.
- Avoid using a pattern in your password, such as yourpetname1, yourpetname2, etc. Cybercriminals are really talented in seeing patterns and predicting your next password.
- Use a phrase with numbers interspersed to make it easier to remember your password, but harder for hackers to discover. For example, Maryh8atesbr0cc0li. (No, offense intended broccoli fans!) Also remember that short passwords are very easy to crack regardless of complexity. The longer the password, the better.
“Cybersecurity is really important to our business for a variety of reasons,” Mackay said. “First, it keeps us safe from scammers and threats. Training is equally important because it can help reduce the cost of insurance. And, finally, a lot of the utilities we work with are requiring much stricter cybersecurity measures before we’ll even be considered for work.”
Fortunately, CMC has more cybersecurity training planned for May, including the popular Inside Man series featuring hacker-turned cybersecurity expert, Mark. Keep looking in your email for more details in the near future.